Main Menu
Cyber Security
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
China-Linked UAT-8302 Targets Governments in South America and Europe
Karakurt Negotiator Gets 8.5 Years in First U.S. Conviction
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
ShinyHunters Claims 280 Million Canvas Records Lifted from Instructure
MOVEit Is Back in the Crosshairs: CVSS 9.8 Flaw in Automation
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor

Sorry, we couldn't find any posts. Please try a different search.

Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Application Security
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Andrew Doyle May 8, 2026
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Cybersecurity
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Mitchell Langley May 8, 2026
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Cybersecurity
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Andrew Doyle May 6, 2026
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Cybersecurity
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Andrew Doyle May 6, 2026

TOP CYBERSECURITY HEADLINES

Dirty Frag Zero-Day Grants Root Access on Most Linux Distributions
Cybersecurity
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Cybersecurity
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
CVE Vulnerability Alerts
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Application Security
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV

This Week’s Security Spotlight

Kaspersky DAEMON Tools Backdoored in Supply Chain Attack
Cybersecurity
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
Mitchell Langley May 6, 2026
Signed, Sealed, Stolen Hackers Used DigiCert to Certify Malware
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Gabby Lee May 5, 2026
When Amazon Sends the Phishing Email
Cybersecurity
When Amazon Sends the Phishing Email
Andrew Doyle May 5, 2026
Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
More In News
Trending
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
Tax Season Never Really Ends for Hackers
When Amazon Sends the Phishing Email
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Sorry, we couldn't find any posts. Please try a different search.

Cyber Security News

Envoy Air Data Breach Oracle EBS Exploit Exposes Sensitive Data
Application Security
Envoy Air Data Breach: Oracle EBS Exploit Exposes Sensitive Data
October 21, 2025
Everest Ransomware Group Claims Collins Aerospace Attack Linked to Europe’s Airport Disruptions
Cybersecurity
Everest Ransomware Group Claims Collins Aerospace Attack Linked to Europe’s Airport Disruptions
October 21, 2025
TikTok Videos Instructing Users To Run PowerShell Commands
Cybersecurity
TikTok Videos Instructing Users To Run PowerShell Commands
October 21, 2025
Pwn2Own Automotive 2026 Offers $3M+ in Prizes for Security Vulnerabilities
Cybersecurity
Pwn2Own Automotive 2026 Offers $3M+ in Prizes for Security Vulnerabilities
October 21, 2025
ConnectWise Automate Patches Critical Flaws Allowing AitM and Malicious Updates
Application Security
ConnectWise Automate Patches Critical Flaws Allowing AitM and Malicious Updates
October 20, 2025
Netcore Cloud Data Leak 13TB Breach Exposes 40 Billion Records
Data Security
Netcore Cloud Data Leak: 13TB Breach Exposes 40 Billion Records
October 20, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
First American Cyber Attack Disrupts Closings: No New Updates from the American Title Insurance Firm
December 28, 2023
The nation’s second-largest title insurer, and its subsidiaries are currently experiencing an ongoing system outage following the First American cyber attack on December 20th. This ...
Liberty Hospital Cyber Attack Forces Kansas City to Transfer Patients and Reschedule Appointments
December 27, 2023
A hospital in the vicinity of Kansas City, Missouri, is facing challenges in delivering patient care due to a cyberattack that has affected its computer ...
Yakult Cyber Incident Leads to 95 GB Data Leak – DragonForce Claims the Cyber Attack
December 27, 2023
Yakult Australia, the manufacturer of a popular probiotic milk drink, recently faced a cyber incident. The Yakult Cyber Incident has impacted both their IT systems ...
Barracuda Zero Day Vulnerability Exploited by UNC4841 – Barracuda Remotely Patches Email Security Gateway Appliances
December 27, 2023
According to Barracuda, a leading network and email security firm, they have successfully applied remote patches to all active Barracuda Email Security Gateway (ESG) appliances ...
Integris Health Data Breached: Patients Receive Extortion Emails, Data of 2 Million Compromised
December 27, 2023
Integris Health, Oklahoma’s largest not-for-profit health network, has recently experienced a cyberattack resulting in the theft of patient data. The Integris Health data breach led ...
Mr. Cooper Data Breach Affects 14.7 Million – Mortgage Firm Shuts Down IT Systems
December 27, 2023
Mr. Cooper Data Breach has sent shockwaves amongst the cybersecurity community as the mortgage lending firm was forced to shut down its IT systems to ...
GTA 5 Source Code Leaked a Year After GTA 6 Leaks in Rockstar Hack
December 27, 2023
Recent reports have surfaced the internet that on Christmas Eve, the source code for GTA 5 source code leaked on GTA leak channel on the ...
Synology Security Advisory SA-22:15 GLPI Disclosed Multiple Remote Access Vulnerabilities
December 26, 2023
Synology Security Advisor SA-22:15 revealed multiple vulnerabilities that allow remote access to sensitive information, add web scripts, HTML, or inject SQL command(s) via the vulnerable ...
Ace Hardware Cyber Attack Disrupts Operations and Cripples IT Systems
December 22, 2023
Ace Hardware, the American hardware retailers’ cooperative, has experienced significant disruptions to its operations following a cyber attack in 2023. Ace Hardware Cyber Attack 2023 ...
First American Financial Hacked: Takes IT Systems Offline to Contain the Breach
December 22, 2023
First American Financial Corporation, the second-largest and one of the very first American title insurance companies in the US, has taken certain systems offline today ...
How to Conduct a Cybersecurity Risk Assessment: Step-by-Step Guide
December 21, 2023
In today’s digital landscape, cybersecurity is a top concern for organizations of all sizes. As cyber threats continue to evolve and become more sophisticated, businesses ...
Enhance Your Email Security: 15 Best Email Security Practices for 2024
December 20, 2023
Securing emails is crucial for enterprises due to various compelling reasons, which is why they need robust email security. Given that emails serve as a ...
OilRig APT Uses Downloader Malware for Cyberespionage
December 15, 2023
Iranian state-sponsored threat actor OilRig, also known as APT34, continued its cyber espionage endeavors throughout 2022, deploying three distinctive downloader malware—ODAgent, OilCheck, and OilBooster. Slovak ...
Spear Phishing vs Phishing: How Do Spear Phishing Attacks Differ from Standard Phishing Attacks?
December 14, 2023
In today’s digital landscape, where communication is predominantly virtual, the threat of phishing attacks—especially spear phishing—has escalated. Phishing refers to the deceptive practice of sending ...
Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware
December 13, 2023
Since its emergence in May 2023, Rhysida ransomware has gained notoriety as an emerging threat actor in the cybercrime landscape. The latest target of this ...
Toyota Cyberattack: Medusa Ransomware Strikes Toyota, Customer Data Compromised
December 12, 2023
Toyota Financial Services (TFS), a subsidiary of Toyota Motor Corporation, faces the aftermath of a cyberattack, courtesy of the Medusa ransomware group. The breach, detected ...
Canadian Government’s Data Security Compromised Affecting its Contractors
November 21, 2023
In a recent cybersecurity incident, the Canadian government has reported that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & ...
Microsoft Exchange Zero-Day Exploit: Experts Say Mitigation isn’t Enough
October 10, 2023
Microsoft has shared mitigations for two new Microsoft Exchange zero-day elevation of privelege vulnerability, tracked as CVE-2022-41040, and remote execution vulnerability (CVE-2022-41082). However, security researchers ...
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67